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IN THE CLAIMS: 

Please amend claims as follows: 

1 . (Currently amended) A method by which for use by a telecommunications terminal (10) in 
authenticating the telecommunications terminal (lO) d e t e rmin e s wh e th e r a candidat e RAND 
includ e d in a RAND chall e ng e is a member of a s e t of pr e viou s ly us e d RANDs , charact e riz e d by 
comprising : 

a st e p (31) of encoding-fee - random numbers previously used RANDs for authenticating the 
telecommunications terminal (10), u sing -so as to provide a data structure (21) consisting of an 
ordered set of components having respective component values derived from the previously used 
RANDs random numbers, wherein each component has a starting value of zero, but the value ef-is 
set to one or z e ro d e p e nding on wh e ther if, based on the order of the component in the ordered set, 
the component i t-is pointed to by any of a plurality of on e or mor e point e rs e ach having a valu e 
pointer values each based on a dig e st of all the bits of a respective one of the previously used RAND 
random numbers or having a valu e oth e rwis e d e riv e d from all th e components of a r e spectiv e 
previously us e d RAND so that in e ith e r cas e all bit s of the RAND contribute in determining the 
valu e of th e compon e nt ; and 

a step (32) of checking the data structure (21) to determine whether th e data structure 
indicat e s wh e th e r th e a candidate random numbe r RAND is a m e mber of a set of not one of the 
previously use d random numbers RANDs : 

wherein the data structure (21) is such as to at least provide a true answer as to whether the 
candidate random number RAND is not an e l e ment of the set of o ne of the p reviously use d random 
numbers RANDs . 

2. (Currently amended) A method as in claim 1, wherein in th e st e p (31) of e ncoding the previously 
used random numbers RANDs , a set of hash functions is used each having providing a value in a 
range equal to the number of components of the data structure (21), and for each previously used 
random numbe r RAND , each of the hash functions is evaluated and the component in the ordered 
set of components at the position indicated by the hash function value is set to one. 



-3- 



Attorney Docket No.: 944-004.040 



3. (Currently amended) A method as in claim 21, wherein in encoding the previously used random 
numbers, the previously used random numbers are used as the pointer values t h e previously used 
RAND valu e s s e rv e as th e hash function s bas e d on using th e RAND values a s pointers to 
compon e nts of th e data structur e (21) . 

4. (Currently amended) A method as in claim 1, wherein the data structure (21) is a multi-part data 
structure (21) with each part having an upper limit on the number of random number RAND v alues 
it can indicate as belonging to th e s e t of one of the p reviously used random number RAND v alues, 
wherein each part has values based on only some of the previously used random numbers, and 
wherein all most recently received random numbers are used in determining component values in 
only one of the parts, and further wherein when an upper limit is reached for the one of the parts, 
another of the parts is reset. 

5. (Currently amended) A computer program product comprising comprising: 

a computer readable storage structure embodying computer program code thereon for 
execution by a computer processor in a terminal (10), 

w&h -wherein said computer program code characteriz e d in that it includes instructions for 
performing the s t e ps of th e method of claim 1 . 

6. (Currently amended) An apparatus includ e d for use by m-a telecommunication terminal (10) and 
by which th e t e l e communication terminal (10) d e termin e s in authenticating the telecommunications 
terminal (10) to an access network wh e ther a candidate RAND included in a RAND challenge is a 
m e mber of a s e t of pr e viously us e d RANDs , characterized b y comprising : 

means (11 12 34-1 4) for encoding random numbers previously used for authenticating the 
telecommunications terminal (10), so as to provide a data structure (21) consisting of an ordered set 
of components having respective component values derived from the previously used random 
numbers, wherein each component has a starting value of zero, but the value is set to one if, based 
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on the order of the component in the ordered set, the component is pointed to by any of a plurality of 
pointer values each based on all the bits of a respective one of the previously used random 
numbers e ncoding th e pr e viously us e d RANDs using a data structur e (21) consisting of an ord e r e d 
set of compon e nts having compon e nt valu e s d e riv e d from th e pr e viously us e d RANDs wh e r e in each 
component has a valu e of on e or z e ro d e pending on wh e th e r it is point e d to by one or more point e r s 
e ach having a valu e bas e d on a dig e st of all the bits of a r e sp e ctive pr e viously used RAND or having 
a value oth e rwis e d e rived from all the compon e nts of a r e spective previously us e d RAND so that in 
e ith e r cas e all bits of th e RAND contribute in determining th e valu e of the component ; and 

means (1 1 12 3214) for checking the data structure (21) to determine whether th e data 
structure indicates wh e th e r the a_candidate random number RANB is a member of a set of not one of 
the p reviously used random numbers RANDs ; 

wherein the data structure (21) is such as to at least provide a true answer as to whether the 
candidate random numberR ANB is not an e l e m e nt one of the se^ei-previously used random 
numbers RANDs . 

7. (Currently amended) A system, comprising! 

-a telecommunication terminal (10) A and 

a radio access network configured for cellular communication with the telecommunication 
terminal (10), 

wherein characterized in that the telecommunication terminal (10) includes an apparatus as 
in claim 6. 

8. (New) An apparatus for use by a telecommunication terminal (10) in authenticating the 
telecommunications terminal (10) to an access network, comprising an authenticator module (14) 
and one or more Bloom filter modules (1 1 12), configured to: 

encode random numbers previously used for authenticating the telecommunications terminal 
(10), so as to provide a data structure (21) consisting of an ordered set of components having 
respective component values derived from the previously used random numbers, wherein each 
component has a starting value of zero, but the value is set to one if, based on the order of the 
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component in the ordered set, the component is pointed to by any of a plurality of pointer values 
each based on all the bits of a respective one of the previously used random numbers; and 

check the data structure (21) to determine whether a candidate random number is not one of 
the previously used random numbers; 

wherein the data structure (21) is such as to at least provide a true answer as to whether the 
candidate random number is not one of the previously used random numbers. 

9. (New) An apparatus as in claim 8, wherein for encoding the previously used random numbers the 
authenticator module (14) and one or more Bloom filter modules (11 12) are configured so that a set 
of hash functions is used each having a range equal to the number of components of the data 
structure (21), and for each previously used random number, each of the hash functions is evaluated 
and the component in the ordered set of components at the position indicated by the hash function 
value is set to one. 

10. (New) An apparatus as in claim 8, wherein the previously used random numbers are the pointer 
values. 

1 1 . (New) An apparatus as in claim 8, wherein the data structure (21) is a multi-part data structure 
(21) with each part having an upper limit on the number of random number values it can indicate as 
one of the previously used random number values, wherein each part has values based on only some 
of the previously used random numbers, and wherein all most recently received random numbers are 
used in determining component values in only one of the parts, and further wherein for encoding the 
previously used random numbers the authenticator module (14) and one or more Bloom filter 
modules (11 12) are configured so that when an upper limit is reached for the one of the parts, 
another of the parts is reset. 
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